Side-Channel Analysis of Post-Quantum Cryptographic Algorithms
Time: Fri 2023-03-31 14.00
Location: Ka-Sal C (Sven-Olof Öhrvik), Kistagången 16, Kista
Subject area: Information and Communication Technology
Doctoral student: Kalle Ngo, Electronics and Embedded Systems
Opponent: Professor Lejla Batina, Radboud University
Supervisor: Johnny Öberg, Electronics and Embedded Systems; Professor Ingo Sander, Electronics and Embedded Systems; Elena Dubrova, Electronics and Embedded Systems
Public key cryptographic schemes used today rely on the intractability of certain mathematical problems that are known to be efficiently solvable with a large-scale quantum computer. To address the need for long-term security, in 2016 NIST started a project for standardizing post-quantum cryptography (PQC) primitives that rely on problems not known to be targets for a quantum computer, such as lattice problems. However, algorithms that are secure from the point of view of traditional cryptanalysis can be susceptible to side-channel attacks. Therefore, NIST put a major emphasis on evaluating the resistance of candidate algorithms to side-channel attacks.
This thesis focuses on investigating the susceptibility of two NIST PQC candidates, Saber and CRYSTALS-Kyber Key Encapsulation Mechanisms (KEMs), to side-channel attacks. We present a collection of nine papers, of which eight focus on side-channel analysis of Saber and CRYSTALS-Kyber, and one demonstrates a passive side-channel attack on a hardware random number generator (RNG) integrated in STM32 MCUs.
In the first three papers, we demonstrate attacks on higher-order masked software implementations of Saber and CRYSTALS-Kyber. One of the main contributions is a single-step deep learning message recovery method capable of recovering secrets from a masked implementation directly, without explicitly extracting the random masks. Another main contribution is a new neural network training method called recursive learning, which enables the training of neural networks capable of recovering a message bit with a probability higher than 99% from higher-order masked implementations.
In the next two papers, we show that even software implementations of Saber and CRYSTALS-Kyber protected by both first-order masking and shuffling can be compromised. We present two methods for message recovery: Hamming weight-based and Fisher-Yates (FY) index-based. Both approaches succeed in recovering secret keys, with the latter requiring considerably fewer traces. In addition, we extend the error-correcting code (ECC)-based secret key recovery method presented in the preceding papers to ECCs with larger code distances.
In the last two papers, we consider a different type of side channel: amplitude-modulated electromagnetic (EM) emanations. We show that information leaked from implementations of Saber and CRYSTALS-Kyber through amplitude-modulated EM side channels can be used to recover the session and secret keys. The main contribution is a multi-bit error-injection method that allows us to exploit byte-level leakage. We demonstrate the success of our method on an nRF52832 system-on-chip supporting Bluetooth 5 and on a hardware implementation of CRYSTALS-Kyber in a Xilinx Artix-7 FPGA.
Finally, in our last paper we present a passive side-channel attack on a hardware true random number generator (TRNG) in a commercial integrated circuit. We demonstrate that it is possible to train a neural network capable of recovering the Hamming weight of random numbers generated by the RNG from power traces with probability higher than 60%. We also present a new method for mitigating inter-device variability based on iterative re-training.
Overall, our research highlights the importance of evaluating the resistance of candidate PQC algorithm implementations to side-channel attacks and demonstrates the susceptibility of current implementations to various types of side-channel analysis. Our findings are expected to provide valuable insights into the design of future PQC algorithm implementations that are resistant to side-channel analysis.